PSA: Test instructions now supported in the Chrome Web Store Developer Dashboard

[Patrick Kettner]

Hey everybody,

I am very excited to announce that we just launched support for including test instructions within the Chrome Web Store! This means that if your extension has behaviors that rely on an account, or something that is gated behind a paywall, you can now provide a username and password within the Chrome Web Store Developer Dashboard. This will make it easier for our team of reviewers to get the full experience of your extension, so make sure to include it (if relevant).

You can read more about it in the above linked documentation, or reply here for any thoughts or questions

best

Patrick Kettner |     Chrome Extensions |       developer.chrome.com   |        New York   , on behalf of the Chrome Web Store team

[Matt Frisbie]

I'm sure many developers like me manage extensions where providing credentials to test with is not an option in any form and never will be.

Will these extensions be penalized, now or in the future?

--
You received this message because you are subscribed to the Google Groups "Chromium Extensions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/CAPAuxoDC%2BMp4g8rj1M19tAQ24Xr8myJWXEH3bh-y3Vp%2BAkV9uQ%40mail.gmail.com.

[Patrick Kettner]

Great question - not at all! By no means is it a negative to not have credentials. This is purely to ease reviews in cases where having credentials IS useful.

[apell...@copper.com]

I'm a bit worried by the language on the developer dashboard page, which states that these credentials are required to qualify for a Featured badge. It seems that there are negatives to not providing credentials. Namely, you can't get a Featured badge; and if you already have one, it could be taken away from you with no way to recover or reapply for it.

What is the recommended way to provide u/p credentials if an extension relies on an OAuth provider such as Google Accounts for authentication? Typically these providers have additional security measures that make it hard to share credentials; such as requiring 2FA when logging in from a new device or location. The 'additional instructions' box isn't sufficient for this, as the 2FA device will likely require a second set of credentials to access.

[Oliver Dunk]

Hi,

There is no requirement for test credentials to quality for the featured badge. However, as part of assessing extensions for eligibility we do need to be able to reasonably test the functionality and determine if the item works as expected. In some cases, we haven't been able to do that, and those extensions would have already had trouble receiving the badge. This is about collecting this data so that we can begin to look at ways of using it when assessing extensions for the featured badge, and therefore increase the number of eligible extensions.

We don't currently have advice for OAuth, however I completely understand the tricky parts there. If you can have your functionality accessible when signed out, that should be sufficient, but I appreciate that will not be the case for everyone. We'll keep making improvements of course and if we think of a way to handle that we might be able to make changes in the future.

I hope that helps.

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB

To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/75059511-e7a9-489f-b351-22ec5b1c3a0an%40chromium.org.